All the Perl that's Practical to Extract and Report

That's the problem with software - failure really is an option. It's not like we're building bridges or hospitals.

Case in point - today we discovered a bug in my spam scanning software that has been there for years. Hundreds of thousands of mails have triggered this bug. Yet we only just noticed it because failure wasn't a total showstopper. Creating the software with a tool like Alloy would have caught the bug (probably) but it would have also taken a hell of a lot longer to get the software written.

Consider the Therac-25, a well-known radiation therapy machine which killed at least 5 patients due to a software bug.

The Therac 25 is a really important story, but it is an outlier, and ultimately not relevant to most discussions about bugs, reliability or catastrophic failure. There is no general lesson to learn from that, except to be extremely careful when working on a system where life is on the line (medical, embedded or otherwise).

I wondered how Brooks' distinction between accidental complexity and essential complexity fits into this distinction between acceptable and unacceptable failures. Whether the failure is acceptable or not depends on the values of the clients, I think. Or does it?

I was thinking accidental complexity comes from the problem that the software is supposed to solve, but it looks like Brooks didn't think this way.

He said use of a high-level language frees a program from much of its accidental complexity.

In the systems I can remember at the moment, catastrophic failure related to essential complexity is intolerable. Catastrophic failure related to accidental complexity is accepted as part of the "cost of doing business". Prime example: IIS and Windows servers instead of something more solid, like VMS, TrustedSolaris or something even more paranoid that can run a webapp. :-)

You could make a convincing case that the inherent complexity of a computer is a part of the essential complexity of the Therac 25, that asynchronous communication is a part of the essential complexity of an ATM network, but operating systems are a form of accidental complexity in the realm of line-of-business apps.

To a first approximation, Brooks' distinction suffices, but it's not the entire story. High level languages free developers from a certain kind and a certain amount of accidental complexity, but not all of it.